Lucene search
HistoryOct 20, 2003 - 4:00 a.m.
CVE-2003-0689
gnu libc
glibc
cve-2003-0689
buffer overflow
denial of service
code execution
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
70.7%
The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.
Affected configurations
Node
redhatenterprise_linuxMatch2.1advanced_server
ORredhatenterprise_linuxMatch2.1advanced_server_ia64
ORredhatenterprise_linuxMatch2.1enterprise_server
ORredhatenterprise_linuxMatch2.1enterprise_server_ia64
ORredhatenterprise_linuxMatch2.1workstation
ORredhatenterprise_linuxMatch2.1workstation_ia64
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:enterprise_linux | redhat enterprise linux | eq | 2.1 |
Related
nvd
nvd
CVE-2003-0689
2003-10-20 04:00:00
nessus
nessus
Mandrake Linux Security Advisory : glibc (MDKSA-2003:107)
2004-07-31 00:00:00
RHEL 2.1 : glibc (RHSA-2003:249)
2004-07-06 00:00:00
debiancve
debiancve
CVE-2003-0689
2003-10-20 04:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200311-06 (glibc)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200311-06 (glibc)
2008-09-24 00:00:00
cvelist
cvelist
CVE-2003-0689
2003-09-03 04:00:00
gentoo
gentoo
glibc: getgrouplist buffer overflow vulnerability
2003-11-22 00:00:00
redhat
redhat
(RHSA-2003:249) glibc security update
2003-08-22 00:00:00
cert
cert
Integer overflow vulnerability in rsync
2003-12-09 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
70.7%
Related for CVE-2003-0689